NCR and Abertay defend ATMs from hacking

Though NCR closed its ATM manufacturing, it chose to keep its R&D facility in Dundee valuing its links with the University of Abertay to develop the world's leading corporate-academic alliance devoted to uncovering and addressing criminal hacking threats posed to Automatic Teller Machines (ATMs). Rather than reacting to known threats as they arise, security intelligence gained and adopted between NCR and University of Abertay through the ‘Ethical Hacking’ programme is proactively designed to stop would-be hackers and viruses before crimes occur.

Approved and partially-funded through the UK's Knowledge Transfer Partnership (KTP), the awarded contracts represent a joint venture between the University of Abertay Dundee and NCR Labs (Dundee right) the advanced development arm of NCR. The programme aims is to ensure that consumer trust in self-service is not compromised by criminal actions involving ATMs.

The current contract, the second to be approved through the KTP, focuses on personal authentication measures required to gain access to ATMs. The critical knowledge of illicit access to ATMs is an ongoing and growing threat to many ATM users.

“NCR is committed to holding its place as the industry leader in defending the integrity of the ATM channel for those who place their financial trust in us,” said (left) Mark Grossi, head of NCR Labs. “This relationship is one of the ways NCR stays at the forefront of technology in our proactive fight against ATM crime.”

“The support from the Knowledge Transfer Partnership and NCR has enabled the university to develop world-leading research and education that have a significant impact on global security,” said Colin McLean, (right) program tutor, school of computing and creative technologies, University of Abertay Dundee. “We’ve enjoyed building a relationship with NCR and take pride in the contributions these students have made in preventing unlawful criminal threats.”

The success of NCR’s partnership with the University of Abertay has led to notable achievements for both parties. The university has since implemented an ethical hacking program and offers two degrees – Bachelor of Science and Masters of Science in Ethical Hacking. Additionally, NCR incorporated the program’s findings on crime prevention into its R&D to provide secure ATM solutions to financial institutions.

All program proposals receive approval through the Knowledge Transfer Partnership, designed to capitalise on wide-ranging knowledge, technology and skills found in the UK, each program funded in part by Technology Strategy Board and 17 other funding organisations.

NCR’s ATM security portfolio include 50,000 licenses of Solidcore for APTRA, claimed as the only proven security solution to preserve system integrity and prevent malware on ATMs.

Its NCR SelfServ, (left) is the first to introduce a protected USB architecture self- contained in the ATM, to help mitigate risk of unauthorised USB devices fraudulent connections.

Its Fraudulent Device Inhibitor (FDI) is an external illuminated feature or kit that makes it difficult for criminals to attach foreign devices on or around an NCR ATM card reader.

The Intelligent Fraud Detection (IFD) is a claimed unique approach to countering ATM fraud and can detect a variety of fraudulent devices that criminals may attempt to add to the ATM fascia. The deployer receives an instant alert as soon as a fraudulent device has been added to the ATM, even before any fraud has taken place.

Only problem still outstanding perhaps is the 'smash & dash' ram raid, and even that seems to have a solution too.